<?php 
session_start();
include_once "./libs/config.php";
require_once "./libs/functions.php";




/*

if(isset($_POST['dosubmit'])) {

	if(strtoupper($_SESSION['verify_code']) == strtoupper($_POST['code']) ) {

	echo "输入成功!<br>";

	}else{

	echo "输入不对!<br>";

	}

}

*/


$username = $_POST['username']; 
$password = $_POST['password'];



//$username = safeHanler($username);
//$password = safeHanler($password);

// echo $username;

// echo "<br/>";

// echo $password;

// die;



$sql = "
select * from admin where username='$username' and
password='$password'
";
// select * from admin where username='a' or '1=1' and ;



$result = $conn->query($sql);

if ($result->num_rows > 0) {  
	$rows = array();
	while($row = $result->fetch_assoc()) {
            array_push($rows, $row);        
    }
    

	$_SESSION['uid'] = $rows[0]['id'];
	$_SESSION['name'] = $rows[0]['username'];
    header("location:index.php");
}else {
	header("location:login.php");
}


?>